package com.zhenmaitang.clinic_sys.service.impl;

import com.zhenmaitang.clinic_sys.entity.UriPermission;
import com.zhenmaitang.clinic_sys.mapper.UriPermissionMapper;
import com.zhenmaitang.clinic_sys.service.UriPermissionService;
import com.zhenmaitang.clinic_sys.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.AntPathMatcher;

import java.time.LocalDateTime;
import java.util.List;

@Service
public class UriPermissionServiceImpl implements UriPermissionService {

    @Autowired
    private UriPermissionMapper uriPermissionMapper;
    
    @Autowired
    private UserService userService;
    
    private final AntPathMatcher pathMatcher = new AntPathMatcher();

    @Override
    public List<UriPermission> getAllUriPermissions() {
        return uriPermissionMapper.findAll();
    }

    @Override
    public UriPermission getUriPermissionById(Integer id) {
        return uriPermissionMapper.findById(id);
    }

    @Override
    public List<UriPermission> getUriPermissionsByUriAndMethod(String uri, String method) {
        return uriPermissionMapper.findByUriAndMethod(uri, method);
    }

    @Override
    public UriPermission createUriPermission(UriPermission uriPermission) {
        uriPermission.setEnabled(true);
        uriPermission.setCreateTime(LocalDateTime.now());
        uriPermission.setUpdateTime(LocalDateTime.now());
        uriPermissionMapper.insert(uriPermission);
        return uriPermission;
    }

    @Override
    public UriPermission updateUriPermission(UriPermission uriPermission) {
        uriPermission.setUpdateTime(LocalDateTime.now());
        uriPermissionMapper.update(uriPermission);
        return uriPermission;
    }

    @Override
    public void deleteUriPermission(Integer id) {
        uriPermissionMapper.deleteById(id);
    }

    @Override
    public boolean hasUriPermission(Integer userId, String uri, String method) {
        // 1. 根据请求的URI和方法找到匹配的URI权限配置
        UriPermission matchedUriPermission = matchUriPattern(uri, method);
        
        // 如果没有找到匹配的URI权限配置，默认拒绝访问
        if (matchedUriPermission == null) {
            return false;
        }
        
        // 2. 获取该URI对应的权限代码
        String permissionCode = matchedUriPermission.getPermissionCode();
        
        // 3. 检查用户是否拥有该权限代码
        return userService.hasPermission(userId, permissionCode);
    }

    @Override
    public UriPermission matchUriPattern(String requestUri, String method) {
        // 获取所有URI权限配置
        List<UriPermission> allUriPermissions = getAllUriPermissions();
        
        // 首先尝试精确匹配
        for (UriPermission uriPermission : allUriPermissions) {
            if (uriPermission.getMethod().equalsIgnoreCase(method) && 
                uriPermission.getUri().equals(requestUri) && 
                uriPermission.getEnabled()) {
                return uriPermission;
            }
        }
        
        // 如果没有精确匹配，尝试使用Ant风格的路径匹配
        for (UriPermission uriPermission : allUriPermissions) {
            if (uriPermission.getMethod().equalsIgnoreCase(method) && 
                pathMatcher.match(uriPermission.getUri(), requestUri) && 
                uriPermission.getEnabled()) {
                return uriPermission;
            }
        }
        
        return null;
    }
}